PuTTY SSH Reverse Tunnel And CLI Share

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hello everyone now today I'm gonna try and help a friend out who works in a corporate network but I need to access some of his gears SSH okay so what we're going to do is set up some funky reverse tunnels and I'll be able to see it here where I'm sitting so we'll see how this guy's okay on a corporate network you might have a lot of hosts that you have to manage usually with SSH for the CLI now if you want some outside help from someone like me then you've got to find a way for me to get onto your network so I can do that with you and can work on it together now often you'll use a TeamViewer type sharing thing so you can share a desktop but that's pretty bandwidth intensive and also it's not exactly real-time it's not very clean when you just want an SSH session so what we're going to do today is I've got a friend here online and he's in a corporate network what he's going to do is he's going to SSH to my server that's publicly accessible for SSH I'm also going to access that server and we're going to set up a reverse tunnel through putty so that I can then get to a host that he wants help with so we'll start with that so what he's going to do is he's going to open up his putty configuration right and you'll see a screen like this now in the top here where it says host name or IP address he's going to put my IP address because that's the SSH connection that he's going to use he's going to connect to my address here so he's going to put that in here okay right there then down the bottom here where it says data he doesn't have to do this he could do it manually time but he's got the username put in that I've given him which is just visitor and under the SSH off he's also got a private public key pair so we've installed the public key on the server here already so he doesn't have to use the password so it's got the username and the keys to login then down here under tunnels what we do now this is from his setup on the corporate network okay he's gonna set a remote destination that way this end listens because this ends remote to him and in the source port he's just gonna pick a port for me to connect to here to go back so we're just going to say ten thousand and one for instance and then in destination he'll put an IP address of the host who's going to connect to so that might be a attend dot something address 192.168.1.2 not three or something and then the port is still twenty two because it's still an ssh server so once that's done we add that so now when he connects this will listen at this end that he's connected to on port 10,000 one and then it will redirect that or tunnel lap through to his host on port 22 all right so I've just got some Adam and comms here with him just to help him set up the session so you can start that putty session now right this is Stefan his name is Stefan okay now I'm SSH into my linux server here and so is he just using the same username so we're both logged in so what I'll do now is start a screen with dash M and dash capital S for old mate just that's just the name of this session right so there you go I'm now in a screen if I list it you can see I'm attached to the screen called old mate so all mates online if you want to get in your screen now he'll type screen dash X and then dash capital s old mate so he'll do he'll do what we said we do so let me know when you've done that you don't press ENTER a couple of times or something okay now as you just saw I didn't press enter in he did so you see when I press enter and then when he presses enter when he's finished feeding his face good helps hard to find just press ENTER a couple of times will you just to prove a point there it goes okay so here don't get carried away okay so what we're doing now is sharing a session on my server here but we set up that reverse tunnel in SSH and now what we can do is go SSH what he would normally do internally on his network is admin at this time it's local host and port that we set up was ten thousand and one so when I do that it asks for a password now I don't know his password he puts his password in and I don't even see it so he types away and he's in some sort of controller so he's just logged into a wireless controller and I can do like a show version I can run that here using SSH he can also see that so if you want to run some commands as well just run something and I'll have a look so he does whatever he wants he doesn't know commands that's all right that's why Colby and you get the point so come on mate you're on TV now okay so you can see where this comes in handy if some shagger doesn't know what he's doing and needs help once you set your reverse SSH tunnel up you can actually do this here and not just you know send random traffic through you can do an SSH session through by listening on a remote port here as we've just done okay so I can run commands on here like I'm there so show version and also he can run commands too like if you do something like I see what he does show clock okay so he can do commands I can do commands so it's better than having a full on desktop share because it's light on the bandwidth and also it's much more responsive you know if you've ever used full desktop sharing applications there's heaps of them they're all the same they can be lethargic you type something you go did it go and you know key repeat five times do it this way and that's all fine so if I exit out of that I'm just back here at the Linux box and so is he now to exit out of that screen but to leave it going in the background just do control a and then D so we've I've exited from the session it's still there though so if I did a screen - X this time scream - X and then the share name was all mate we're back in again so that's it to see what screens are running just do a screen LS and we've only got one running but that's how you do it and he can exit anytime and I'll lose access to his network so if you want to help someone out and who's on a corporate network and it's someone who you deal with often then you can set it up this way so that you don't have to use you know TeamViewer type things and it does make things a lot easier and you can both both see the screen both do the input and output but he doesn't have to give away any passwords or or open any firewalls so there's a neat trick that comes in pretty handy so I hope it helps you out anyway see you next time okay so I'll get him to connect up when he's finished in lunch me dead you can't yeah oh good he'll Kenya
Info
Channel: Tall Paul Tech
Views: 9,312
Rating: 4.9837728 out of 5
Keywords: SSH Reverse tunnel, SSH, Putty, Public private keys, firewall, corporate firewall, network security, remote administration
Id: ljHpgMJ_ByI
Channel Id: undefined
Length: 7min 17sec (437 seconds)
Published: Tue Nov 26 2019
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.